The big drawback to online financial tools

Web-based personal finance tools offer many advantages. The question is whether any of them are worth the risk of a stolen identity

  • close
    TurboTax 2009 Deluxe. Hamm argues that online personal finance tools can be risky because they can leave essential personal information vulnerable to hackers.
    Business Wire/File
    View Caption
  • About video ads
    View Caption

A long while back (was it really 2008), I wrote an overview of the web-based personal finance tools available at that time. I didn’t really give a strong recommendation to any of them, though I did end up serving as an advisor for a time with Wesabe.

Today, is clearly the frontrunner in this field, but there are many other services that offer similar financial tools via the web. Many banks have incorporated similar tools into their online services, and other similar services such as TurboTax can be done fully via the web.

Personally, I don’t use any of them.

Why not? Mostly, it comes down to information security, as I briefly touched on in the article linked to above.

It’s not that I doubt the security policies of any of the sites. I think Mint, TurboTax, and other such web-based tools have stellar security policies, and I genuinely believe that they’re all doing the best they can to preserve the sanctity of your personal information. I’ve reviewed a lot of security policies and a lot of security histories over the years and I know that when you’re dealing with financial data, you’re not only buried behind a lot of regulation, you’re also dealing with an absolute requirement for your customers. This is not something any of them want to mess up in any way, and they’ve all taken powerful steps to keep you safe.

That’s not the point.

The reason I avoid using such tools is that all it takes is one mistake from one person for your information to be stolen. For one bright, shining example of this, take the loss of 100 million credit card numbers by a card processor in 2009. Even though the business had incredibly strong security policies, a hacker still managed to scrape off up to 100 million credit card numbers and related information from that company’s database. How did it happen? Most likely, one information security professional didn’t set up one security protocol correctly, and that was enough.

So, how does that affect whether I use such tools? The more places where you use your personal information, the greater the chance you have of getting your information or even your identity stolen.

Let’s say Alice has her personal information available to only one business in the country, her bank. She’s very careful about letting out any of her data anywhere else.

Let’s say Bob, on the other hand, has accounts at ten different financial institutions and uses several different tools to access those accounts. As many as twenty different companies with twenty different security policies have access to Bob’s data.

Let’s now say that personal data is lost by some company in America. Because Bob has his information with so many different institutions, Bob is twenty times more likely to be affected by this loss of data. By having so many accounts, Bob is putting himself at additional risk.

With every account you open where your personal information is used, you increase your risk of falling prey to a random act of information loss, whether it be someone breaking into a computer network or someone losing a backup tape.

Because of that, I’m very wary of the number of businesses that I share my information with. Unless there is astrongly compelling reason to share my personal data, I don’t share it.

For me, none of the online tools offer enough value to be worth increasing that risk, at least in my eyes.Mint might be awesome, but it’s not worth that additional risk to me. Neither is TurboTax Online or any of the other similar services.

It’s for this same reason that I use a single credit card with identity theft protection for most of my purchases.

I just want to minimize my risk of having my information out there when something goes wrong with information security somewhere, and my general recommendation to others is that they do the same.

The Christian Science Monitor has assembled a diverse group of the best economy-related bloggers out there. Our guest bloggers are not employed or directed by the Monitor and the views expressed are the bloggers' own, as is responsibility for the content of their blogs. To contact us about a blogger, click here. To add or view a comment on a guest blog, please go to the blogger's own site by clicking on

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.